This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/Hz2CwE5wcYXTB8FSwWDK5Rt2kgM.roa File: Hz2CwE5wcYXTB8FSwWDK5Rt2kgM.roa (raw, json) Hash identifier: IDDqSWOczA2q2urCjohT5PUeAUF0bht4zqH2G2v0ftg= Subject key identifier: 1F:3D:82:C0:4E:70:71:85:D3:07:C1:52:C1:60:CA:E5:1B:76:92:03 Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2 Certificate serial: 019B7E37A7B092EAE4DEDBC25B284B18DA72 Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/Hz2CwE5wcYXTB8FSwWDK5Rt2kgM.roa Signing time: Fri 02 Jan 2026 10:18:55 +0000 ROA not before: Fri 02 Jan 2026 10:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62442 IP address blocks: 78.157.32.0/19 maxlen: 19 78.157.32.0/24 maxlen: 24 78.157.34.0/24 maxlen: 24 78.157.35.0/24 maxlen: 24 78.157.36.0/24 maxlen: 24 78.157.37.0/24 maxlen: 24 78.157.38.0/24 maxlen: 24 78.157.39.0/24 maxlen: 24 78.157.40.0/24 maxlen: 24 78.157.41.0/24 maxlen: 24 78.157.42.0/24 maxlen: 24 78.157.43.0/24 maxlen: 24 78.157.44.0/24 maxlen: 24 78.157.45.0/24 maxlen: 24 78.157.46.0/24 maxlen: 24 78.157.47.0/24 maxlen: 24 78.157.48.0/21 maxlen: 21 78.157.48.0/24 maxlen: 24 78.157.49.0/24 maxlen: 24 78.157.50.0/24 maxlen: 24 78.157.51.0/24 maxlen: 24 78.157.52.0/24 maxlen: 24 78.157.53.0/24 maxlen: 24 78.157.54.0/23 maxlen: 23 78.157.54.0/24 maxlen: 24 78.157.55.0/24 maxlen: 24 78.157.56.0/21 maxlen: 21 78.157.56.0/24 maxlen: 24 78.157.57.0/24 maxlen: 24 78.157.58.0/24 maxlen: 24 78.157.59.0/24 maxlen: 24 78.157.60.0/23 maxlen: 23 78.157.60.0/24 maxlen: 24 78.157.61.0/24 maxlen: 24 78.157.62.0/24 maxlen: 24 78.157.63.0/24 maxlen: 24 89.221.84.0/22 maxlen: 22 89.221.88.0/21 maxlen: 21 89.221.88.0/24 maxlen: 24 185.222.210.0/24 maxlen: 24 2a10:8180::/29 maxlen: 29 2a10:8180::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.mft rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:a7:b0:92:ea:e4:de:db:c2:5b:28:4b:18:da:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2 Validity Not Before: Jan 2 10:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f3d82c04e707185d307c152c160cae51b769203 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d4:31:99:67:f1:d7:ea:c7:40:28:1f:fa:46: c6:05:6d:52:0e:45:4e:75:30:c9:ce:ed:07:f6:6c: cb:c2:a9:d7:80:74:1f:18:85:e0:82:a3:e6:e2:7f: 17:c5:09:93:73:87:9b:67:a8:06:ba:76:c3:39:61: 07:44:3a:3f:cb:bf:e2:81:b0:d1:8f:77:1c:7c:a8: 39:ae:11:2b:17:13:86:68:20:fe:64:31:91:02:e7: 63:0e:06:b3:03:58:4f:1e:06:42:e3:f5:fc:4a:26: 3e:8e:4b:a9:d0:e1:b3:d4:03:58:ae:2d:41:0d:c1: d9:27:71:61:e9:c5:4f:2b:1a:d1:4c:77:94:dd:35: 19:33:0e:64:f3:fb:85:df:a4:15:5a:05:72:11:18: 2d:d8:f3:1b:e9:7f:91:24:36:79:3b:94:d6:1c:37: 47:44:3f:67:1e:58:65:92:2b:bc:c7:e0:55:d8:08: af:ea:67:a8:45:c3:4c:99:95:60:b5:9b:1c:0e:d2: 7c:2d:1b:29:ac:2f:31:a0:91:19:6c:62:04:3c:82: 19:6c:9b:96:b8:f7:8f:44:8b:9a:43:02:da:56:cf: 85:18:c7:92:26:b2:b9:c1:19:2f:46:ef:dd:1b:20: 8f:54:4d:29:82:31:b0:93:f8:2f:a7:6b:e2:90:28: 52:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:3D:82:C0:4E:70:71:85:D3:07:C1:52:C1:60:CA:E5:1B:76:92:03 X509v3 Authority Key Identifier: keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/Hz2CwE5wcYXTB8FSwWDK5Rt2kgM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.157.32.0/19 89.221.84.0-89.221.95.255 185.222.210.0/24 IPv6: 2a10:8180::/29 Signature Algorithm: sha256WithRSAEncryption 83:22:55:e1:6e:e5:3b:01:6d:b6:f3:bd:29:8a:b6:e3:2a:da: 2a:5a:dc:19:b6:68:9c:97:34:e3:42:51:d3:70:1b:d4:89:30: 72:7c:a7:e7:d7:d3:98:22:7a:68:66:e0:ea:bd:ba:37:39:d0: 0a:4c:00:dd:2c:67:2a:64:8b:33:0b:89:e7:0f:e1:cd:15:47: 49:01:f5:fd:47:46:fb:e9:46:c0:b8:e7:c3:6d:0a:32:00:ff: f4:2b:02:90:46:99:2e:8b:e8:5d:a1:df:6c:e5:19:76:8b:4a: 49:a2:25:30:fb:a2:96:a6:74:02:31:dd:de:cb:41:f7:a9:af: 9e:96:ed:6e:da:cf:a6:95:ce:85:7d:71:46:cd:b3:66:d0:46: b2:91:73:90:e6:22:44:dd:58:9a:a6:af:7a:6b:95:07:6b:90: 15:30:7b:3a:b7:e4:07:d4:a2:e1:42:4e:60:70:f1:c7:6f:d1: f8:3d:45:0d:dc:4c:1c:48:4c:66:54:89:85:55:bf:71:3a:e6: fd:3b:ac:7e:66:c8:e5:86:fb:2c:6e:a6:6d:fd:6b:a2:d2:cd: ec:3d:80:ac:c0:c1:8b:6e:e9:76:9e:4b:8c:c9:f2:22:d4:1c: 51:b6:e5:0a:83:17:3f:d6:c9:b2:cd:96:91:e4:6e:eb:c4:bd: 3b:94:b9:b6 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt+N6ewkurk3tvCWyhLGNpyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkOTY4MWYxNDRkYjE0MzBhYzMxNWM4MzA2ZTFjMTQ3MzBj NWZlYzIwHhcNMjYwMTAyMTAxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjNkODJjMDRlNzA3MTg1ZDMwN2MxNTJjMTYwY2FlNTFiNzY5MjAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNQxmWfx1+rHQCgf+kbGBW1SDkVO dTDJzu0H9mzLwqnXgHQfGIXggqPm4n8XxQmTc4ebZ6gGunbDOWEHRDo/y7/igbDR j3ccfKg5rhErFxOGaCD+ZDGRAudjDgazA1hPHgZC4/X8SiY+jkup0OGz1ANYri1B DcHZJ3Fh6cVPKxrRTHeU3TUZMw5k8/uF36QVWgVyERgt2PMb6X+RJDZ5O5TWHDdH RD9nHlhlkiu8x+BV2Aiv6meoRcNMmZVgtZscDtJ8LRsprC8xoJEZbGIEPIIZbJuW uPePRIuaQwLaVs+FGMeSJrK5wRkvRu/dGyCPVE0pgjGwk/gvp2vikChSGQIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFB89gsBOcHGF0wfBUsFgyuUbdpIDMB8GA1UdIwQY MBaAFK2WgfFE2xQwrDFcgwbhwUcwxf7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2Yt YTNhMTNlM2E3ZDgwLzEvSHoyQ3dFNXdjWVhUQjhGU3dXREs1UnQya2dNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2YtYTNhMTNlM2E3ZDgw LzEvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQFTp0gMAwD BAJZ3VQDBAVZ3UADBAC53tIwDQQCAAIwBwMFAyoQgYAwDQYJKoZIhvcNAQELBQAD ggEBAIMiVeFu5TsBbbbzvSmKtuMq2ipa3Bm2aJyXNONCUdNwG9SJMHJ8p+fX05gi emhm4Oq9ujc50ApMAN0sZypkizMLiecP4c0VR0kB9f1HRvvpRsC458NtCjIA//Qr ApBGmS6L6F2h32zlGXaLSkmiJTD7opamdAIx3d7LQfepr56W7W7az6aVzoV9cUbN s2bQRrKRc5DmIkTdWJqmr3prlQdrkBUwezq35AfUouFCTmBw8cdv0fg9RQ3cTBxI TGZUiYVVv3E65v07rH5myOWG+yxupm39a6LSzew9gKzAwYtu6XaeS4zJ8iLUHFG2 5QqDFz/WybLNlpHkbuvEvTuUubY= -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:40 2026 by rpki-client